How your employees put your organization at risk

Sarah K. White |
May 29, 2015

Security is, of course, a major concern for most companies, but it's often seen as an outside threat. But it turns out that employees are one of the biggest security threats, and apparently most acknowledge their behavior is risky, according to a Blue Coat study.

The Blue Coat study of 1,580 employees from 11 countries uncovered the risky habits of employees accessing - sometimes knowingly - inappropriate content on work devices. Some of the biggest issues include accessing adult content, but social media is also posing a new threat to businesses.

Adult content

According to data from Blue Coat, one in every 20 U.S. employees has accessed adult content on a work device, but naivety isn't an excuse. Eighty percent of those who admitted to doing so also acknowledged it put the company's security at risk. China was the biggest offender, with one in five employees admitting to accessing adult content on a work device.

The danger is more than a potential work-place harassment lawsuit. Most of these sites often hide malicious content within links. That's how websites offering free adult content make their money, through installing malware on your computer **** is Blue Coat the source of this info? ***. So it's less about the content employees are accessing, and more about the threats that lie within the links, according to Joseph Steinberg, cybersecurity expert and author.

Steinberg points out that the threat is greater than websites offering free pornography. It also includes "anything that has pirated software and movies," he says. "A lot of them are actually in the business of putting malware onto computers. So it's not just the blocking for the sake of preventing the employee from doing something wrong, it's also preventing damage to the businesses computers and potentially data."

That means an employee downloading pirated content onto their work computer offers more potential danger than the legalities around accessing that type content. It can cause a business' systems to break, allowing malware to infiltrate the system and reveal sensitive company data.

Phishing

Phishing poses one of the greatest risks to companies, because a well-meaning employee can quickly - and unintentionally - cause a security threat with the click of a link. Blue Coat found that while the U.S. reported opening fewer unsolicited emails than other countries (17 percent), 80 percent of businesses still view phishing as a major security threat.

Steinberg points out that phishing is nothing new. "It's the same thing that was going on 500 years ago when a guy showed up at a castle and said 'I'm a knight,' and he had killed the real knight and taken his armor. The scams are the same in a different medium, so training can only get you to a certain level. People still fall victim to scams; people still make mistakes."